我在具有静态 IP 的 Hyper-V VM 上安装了最新的 CentOS 7 版本 1611。网络和防火墙似乎设置正确。现在我试图从 Putty 远程登录。我立即收到“连接被拒绝”的消息。
为了进行比较,我也在同一个网络中以相同的配置单独安装了 Ubuntu Server。那里没有问题。
为了排除故障,我尝试了以下 6 种方法。我是 Linux 新手。我真的希望有人能发现下面输出中的错误或提出新的解决方案。
(1)直接登录 CentOS VM 时,我在尝试连接 Putty 之前使用以下命令查看了日志。
tail -f /var/log/messages
但没有记录任何消息。
(2)/etc/resolv.conf文件包含以下内容。
# Generated by NetworkManager
nameserver 192.168.1.125
nameserver 75.75.75.75
nameserver 75.75.75.76
第一个 IP 是 DNS 服务器的 IP(带有 DNS 的 Windows 2012 R2 Active Directory 域控制器),后两个是 ISP 的 DNS IP。从 CentOS VM,使用 IP 或完全限定名称 ping 到其他计算机都可以正常工作。使用 IP 或完全限定名称从其他计算机 ping 到 CentOS VM 也有效。
(3)curl 工作正常
curl google.com
获取一些 html 数据。
(4)防火墙似乎表明允许“ssh”进入。
firewall-cmd --list-all
输出以下内容(如您所见,“ssh”包含在服务中)
public (active)
target: default
icmp-block-inversion: no
interfaces: eth0
sources:
services: dhcpv6-client ssh
ports:
protocols:
masquerade: no
forward-ports:
sourceports:
icmp-blocks:
rich rules:
(5)sshd 的状态似乎已启动并正在运行
service sshd status
输出以下内容。
Redirecting to /bin/systemctl status sshd.service
● sshd.service - OpenSSH server daemon
Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: enabled)
Active: active (running) since Sun 2017-03-26 23:49:44 EDT; 1h 18min ago
Docs: man:sshd(8)
man:sshd_config(5)
Process: 959 ExecStart=/usr/sbin/sshd $OPTIONS (code=exited, status=0/SUCCESS)
Main PID: 970 (sshd)
CGroup: /system.slice/sshd.service
└─970 /usr/sbin/sshd
Mar 26 23:49:44 localhost.localdomain systemd[1]: Starting OpenSSH server daemon...
Mar 26 23:49:44 localhost.localdomain systemd[1]: PID file /var/run/sshd.pid not readable (yet?) after start.
Mar 26 23:49:44 localhost.localdomain sshd[970]: Server listening on 0.0.0.0 port 22.
Mar 26 23:49:44 localhost.localdomain sshd[970]: Server listening on :: port 22.
Mar 26 23:49:44 localhost.localdomain systemd[1]: Started OpenSSH server daemon.
(6)/etc/ssh/sshd_config 内容如下
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_ecdsa_key
HostKey /etc/ssh/ssh_host_ed25519_key
SyslogFacility AUTHPRIV
AuthorizedKeysFile .ssh/authorized_keys
PasswordAuthentication yes
ChallengeResponseAuthentication no
GSSAPIAuthentication yes
GSSAPICleanupCredentials no
UsePAM yes
X11Forwarding yes
UsePrivilegeSeparation sandbox # Default for new installations.
AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE
AcceptEnv XMODIFIERS
Subsystem sftp /usr/libexec/openssh/sftp-server
输出netstat -l
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:ssh 0.0.0.0:* LISTEN
tcp 0 0 localhost:smtp 0.0.0.0:* LISTEN
tcp6 0 0 [::]:ssh [::]:* LISTEN
tcp6 0 0 localhost:smtp [::]:* LISTEN
udp 0 0 localhost:323 0.0.0.0:*
udp6 0 0 localhost:323 [::]:*
raw6 0 0 [::]:ipv6-icmp [::]:* 7
Active UNIX domain sockets (only servers)
Proto RefCnt Flags Type State I-Node Path
unix 2 [ ACC ] STREAM LISTENING 9730 /run/systemd/journal/stdout
unix 2 [ ACC ] STREAM LISTENING 16151 /var/run/dbus/system_bus_socket
unix 2 [ ACC ] STREAM LISTENING 20503 public/flush
unix 2 [ ACC ] STREAM LISTENING 20518 public/showq
unix 2 [ ACC ] STREAM LISTENING 20472 public/pickup
unix 2 [ ACC ] STREAM LISTENING 20478 public/cleanup
unix 2 [ ACC ] STREAM LISTENING 20481 public/qmgr
unix 2 [ ACC ] STREAM LISTENING 14233 /run/lvm/lvmetad.socket
unix 2 [ ACC ] SEQPACKET LISTENING 14243 /run/udev/control
unix 2 [ ACC ] STREAM LISTENING 20500 private/verify
unix 2 [ ACC ] STREAM LISTENING 20506 private/proxymap
unix 2 [ ACC ] STREAM LISTENING 20509 private/proxywrite
unix 2 [ ACC ] STREAM LISTENING 20512 private/smtp
unix 2 [ ACC ] STREAM LISTENING 20515 private/relay
unix 2 [ ACC ] STREAM LISTENING 20521 private/error
unix 2 [ ACC ] STREAM LISTENING 20524 private/retry
unix 2 [ ACC ] STREAM LISTENING 20527 private/discard
unix 2 [ ACC ] STREAM LISTENING 20530 private/local
unix 2 [ ACC ] STREAM LISTENING 20533 private/virtual
unix 2 [ ACC ] STREAM LISTENING 20536 private/lmtp
unix 2 [ ACC ] STREAM LISTENING 20539 private/anvil
unix 2 [ ACC ] STREAM LISTENING 20542 private/scache
unix 2 [ ACC ] STREAM LISTENING 14016 /run/systemd/private
unix 2 [ ACC ] STREAM LISTENING 20485 private/tlsmgr
unix 2 [ ACC ] STREAM LISTENING 20488 private/rewrite
unix 2 [ ACC ] STREAM LISTENING 20491 private/bounce
unix 2 [ ACC ] STREAM LISTENING 20494 private/defer
unix 2 [ ACC ] STREAM LISTENING 20497 private/trace
unix 2 [ ACC ] STREAM LISTENING 14044 /run/lvm/lvmpolld.socket